Posted by: jasonk2600 | December 3, 2009

Quickie HowTo: Using Apache’s Authentication

Using Apache’s authentication in conjunction with SSL (HTTPS) encryption provides a fairly secure way to authenticate users on your Website.  It is possible to use Apache’s authentication with a PAM, SQL, LDAP, and other backends.  This document will only cover the use of a plain text file as the backend.

Begin by editing Apache’s main configuration file, httpd.conf in most cases.  Create a Directory entry for the Web site that you want to use authentication.  The Directory entry should look something like the following example, although only the Auth lines are required to enable Apache’s authentication.

<Directory "/usr/local/www/secure-site">
   Options ExecCGI FollowSymLinks
   AllowOverride None
   Order allow,deny
   Allow from all
   AuthName "Secured Area, Authentication Required!"
   AuthType Basic
   AuthUserFile /usr/local/www/secure-site/.htpasswd
   Require valid-user
</Directory>

 

The next step is to create .htpasswd file.  NOTE:  The –c option is only used when first creating the file, after that no options are necessary.

# cd /usr/local/www/secure-site
# htpasswd -c .htpasswd Username1
New password:
Re-type new password:
Adding password for user Username1

 

Repeat the step above for each user that needs to be added. Remember to omit the -c option for any users after the first one. Finally, restart Apache for the new settings to take effect. Apache will now prompt for a username and password in order to access the Web site.

 

  [EoF]
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: